rwx.work/help
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

source→in

Browse source
This commit is contained in:
Marc Beninca 2018-05-10 12:19:20 +02:00
parent 56de30bb57
commit 4097336b90
113 changed files with 0 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
in/_toctree/administration/containerization.rst Normal file
View file

@ -0,0 +1,8 @@
################
Containerization
################
.. toctree::
:maxdepth: 2
/lxc/index

9
in/_toctree/administration/index.rst Normal file
View file

@ -0,0 +1,9 @@
Administration
==============
.. toctree::
security
servers
system
containerization

10
in/_toctree/administration/security.rst Normal file
View file

@ -0,0 +1,10 @@
########
Security
########
.. toctree::
:maxdepth: 2
/openssh-client/index
/openssh-server/index
/openssl/index

13
in/_toctree/administration/servers.rst Normal file
View file

@ -0,0 +1,13 @@
#######
Servers
#######
.. toctree::
:maxdepth: 2
/nginx/index
/apache/index
/nodejs/index
/tomcat/index
/glassfish/index

9
in/_toctree/administration/system.rst Normal file
View file

@ -0,0 +1,9 @@
######
System
######
.. toctree::
:maxdepth: 2
/apt/index
/debian/index

4
in/_toctree/development/index.rst Normal file
View file

@ -0,0 +1,4 @@
Development
===========
.. toctree::

5
in/_toctree/index.rst Normal file
View file

@ -0,0 +1,5 @@
.. toctree::
quality/index
administration/index
development/index

14
in/_toctree/quality/documents.rst Normal file
View file

@ -0,0 +1,14 @@
#########
Documents
#########
.. toctree::
:maxdepth: 2
/pandoc/index
/sphinx/index
/markdown/index
/restructuredtext/index
/libreoffice/index
/pdftk/index
/texlive/index

7
in/_toctree/quality/index.rst Normal file
View file

@ -0,0 +1,7 @@
Quality
=======
.. toctree::
documents
version

9
in/_toctree/quality/version.rst Normal file
View file

@ -0,0 +1,9 @@
#######
Version
#######
.. toctree::
:maxdepth: 2
/git/index
/gource/index

3
in/apache/index.rst Normal file
View file

@ -0,0 +1,3 @@
######
Apache
######

55
in/apt/configure.rst Normal file
View file

@ -0,0 +1,55 @@
*********
Configure
*********
Keys
====
.. code:: shell
apt-key add "path/to/key/file"
Configuration
=============
* etc/apt/apt.conf
::
APT::Get::Show-Versions true;
Dpkg::Progress-Fancy true;
Acquire::Check-Valid-Until false;
* etc/apt/preferences
::
Package: *
Pin: release n=stretch-backports
Pin-Priority: 400
Package: *
Pin: release n=buster
Pin-Priority: 200
Package: *
Pin: release n=sid
Pin-Priority: 100
* etc/apt/sources.list
deb.debian.org ↔ ftp.cc.debian.org
file:/path
::
deb http://deb.debian.org/debian stretch main contrib non-free
deb http://deb.debian.org/debian stretch-backports main contrib non-free
deb http://deb.debian.org/debian stretch-updates main contrib non-free
deb http://security.debian.org stretch/updates main contrib non-free
deb http://deb.debian.org/debian buster main contrib non-free
deb http://security.debian.org buster/updates main contrib non-free
deb http://deb.debian.org/debian sid main contrib non-free

8
in/apt/index.rst Normal file
View file

@ -0,0 +1,8 @@
###
APT
###
.. toctree::
configure
upgrade

27
in/apt/upgrade.rst Normal file
View file

@ -0,0 +1,27 @@
*******
Upgrade
*******
Hold
====
Hold
----
.. code:: shell
apt-mark hold linux-*
Show
----
.. code:: shell
apt-mark showhold
Unhold
------
.. code:: shell
apt-mark unhold linux-*

9
in/archive.rst Normal file
View file

@ -0,0 +1,9 @@
Archive
=======
.. toctree::
:maxdepth: 2
tar/index
squashfs-tools/index
xorriso/index

421
in/bash/configure.rst Normal file
View file

@ -0,0 +1,421 @@
*********
Configure
*********
Configuration
=============
* etc/bash.bashrc
.. code:: bash
file="/usr/share/bash-completion/bash_completion"
if [ -f "${file}" ]; then
source "${file}"
fi
PS1="\
┌ \e[0;31m\t\e[0m\
– \e[0;32m\${?}\e[0m\
– \e[0;33m\u\e[0m\
@ \e[0;34m\h\e[0m\
"
if git --version &> /dev/null; then
PS1="${PS1} –\e[0;35m\$(__git_ps1)\e[0m"
fi
PS1="${PS1}\n\
│\e[0;36m\${PWD}\e[0m\n\
└ "
PS2="\
└ "
file="/etc/bash.alias"
if [ -f "${file}" ]; then
source "${file}"
fi
Alias
=====
* etc/bash.alias
Described
---------
.. code:: bash
# apt
# update packages catalog
alias aud='apt-get update'
# show package information
alias a='apt-cache show'
# package versions policy
alias ap='apt-cache policy'
# upgrade forbidding package installation or removal
alias aug='apt-get upgrade'
# upgrade allowing package installation or removal
alias adu='apt-get dist-upgrade'
# install packages
alias ai='apt-get install'
# clean packages cache
alias ac='apt-get autoclean;apt-get clean;apt-get autoremove'
# bash
# clear terminal
alias c='clear'
# exit terminal
alias x='exit'
# change current directory to its parent
alias ..='cd ..'
# make a directory
alias md='mkdir'
# make a directory after making its parents
alias mdp='mkdir --parents'
# change current directory to the previous one
alias pd='cd -'
# change mode as directory
alias cmd='chmod 755'
# change mode as file
alias cmf='chmod 644'
# change owner as root
alias cor='chown 0:0'
# change owner as user
alias cou='chown 1000:1000'
# look for a string in processes names
alias pg='ps -A|grep'
# kill a process by id
alias k='kill -9'
# kill all instances of a process by name
alias ka='killall'
# grep from current directory with regex
alias g='grep -rn . -e'
# list current directory entries
alias l='ls --all --color -l -p --time-style="+%Y%m%d-%H%M%S%-:::z"'
# git
# add to index
alias ga='git add'
# add all to index
alias gaa='git add --all'
# create a branch
alias gb='git branch'
# delete a branch
alias gbd='git branch --delete'
# force a branch deletion
alias gbdf='git branch --delete --force'
# list branches
alias gbl='git branch --all --list --verbose --verbose'
# set the link to a remote branch from a local branch
alias gbu='git branch -u'
# clone a remote repository
alias gc='git clone'
# clean untracked files
alias gcf='git clean -d --force'
# index all and commit
alias gacm='git add --all;git commit -m'
# commit the index
alias gcm='git commit -m'
# redo the last commit with a different message
alias gcma='git commit --amend -m'
# make a root commit
alias gcmr='git commit --allow-empty --allow-empty-message -m ""'
# switch to a branch or checkout file(s) from a commit
alias gco='git checkout'
# checkout an orphan branch
alias gcoo='git checkout --orphan'
# checkout development branch
alias gcod='git checkout dev'
# checkout feature branch
alias gcof='git checkout f'
# pick a commit
alias gcp='git cherry-pick'
# abort the commit pick
alias gcpa='git cherry-pick --abort'
# continue the commit pick
alias gcpc='git cherry-pick --continue'
# configure the user name
alias gcun='git config user.name'
# configure the user email
alias gcue='git config user.email'
# differences from last or between commits
alias gd='git diff'
# display what is indexed in cache
alias gdc='git diff --cached'
# differences via external tool
alias gdt='git difftool --dir-diff'
# differences via external tool
alias gdw='git diff --word-diff-regex=.'
# fetch from the remote repository
alias gf='git fetch --tags --verbose'
# fetch from remote repository and prune local orphan branches
alias gfp='git fetch --prune --tags --verbose'
# garbage collect all orphan commits
alias ggc='git reflog expire --expire=now --all;git gc --prune=now'
# initialize a new repository
alias gi='git init'
# initialize a new bare repository
alias gib='git init --bare'
# log commits history
alias gl='git log --all --graph \
--format="%C(auto)%h%d %C(red)%ai%n%C(auto)%B"'
# log commits history with patches
alias glp='git log --all --graph \
--format="%C(auto)%h%d %C(red)%ai%n%C(auto)%B" --patch'
# log medium information
alias glm='git log --all --decorate --graph --pretty=medium'
# fast-forward to remote branch
alias gmf='git merge --ff-only'
# do a merge commit
alias gmc='git merge --no-ff -m'
# abort the current merge commit
alias gma='git merge --abort'
# squash a branch and index its modifications
alias gms='git merge --squash'
# merge via external tool
alias gmt='git mergetool'
# push to the remote repository
alias gp='git push --set-upstream --verbose'
# delete from the remote repository
alias gpd='git push --verbose --delete'
# force the push to the remote repository
alias gpf='git push --set-upstream --verbose --force'
# rebase current branch onto another
alias grb='git rebase'
# abort current rebase
alias grba='git rebase --abort'
# continue current rebase
alias grbc='git rebase --continue'
# force rebase without fast-forward
alias grbf='git rebase --no-ff'
# rebase interactively
alias grbi='git rebase --interactive'
# list all remote repositories
alias grm='git remote'
# add a new remote repository
alias grma='git remote add'
# list remote repositories
alias grml='git remote --verbose'
# show a connection to a repository
alias grms='git remote show'
# set the location of the remote repository
alias grmu='git remote set-url'
# remove file(s) from index or move current branch pointer
alias grs='git reset'
# move current branch pointer to the development branch
alias grsd='git reset dev'
# wipe modifications or reset current branch to another commit
alias grsh='git reset --hard'
# reset current branch to the development branch
alias grshd='git reset --hard dev'
# current state of repository
alias gs='git status --untracked-files=all'
# show a commit
alias gsh='git show'
# tag a commit
alias gt='git tag'
# delete a tag
alias gtd='git tag --delete'
# rsync
# synchronize
alias rs='rsync --archive --no-whole-file --progress --verbose'
# no synchronize
alias rsn='rsync --archive --no-whole-file --progress --verbose -n'
# synchronize and delete
alias rsd='rsync --archive --no-whole-file --progress --verbose --delete'
# synchronize and delete
alias rsdn='rsync --archive --no-whole-file --progress --verbose --delete -n'
Old
---
.. code:: bash
alias c="clear"
alias cmd="chmod 755"
alias cmf="chmod 644"
alias cor="chown 0:0"
alias cou="chown 1000:1000"
alias k="kill -9"
alias ka="killall -9"
alias l="ls --all --color=always -l \
--indicator-style=slash --time-style=\"+%Y%m%d-%H%M%S%-:::z\""
alias pg="ps -A|grep"
alias x="exit"
alias a="apt-cache show"
alias ac="apt-get autoclean;apt-get clean;apt-get autoremove"
alias acl="apt-get changelog"
alias adl="apt-get download"
alias adu="apt-get dist-upgrade"
alias adus="apt-get dist-upgrade --simulate"
alias adub="apt-get dist-upgrade --target-release stretch-backports"
alias adubs="apt-get dist-upgrade --target-release stretch-backports --simulate"
alias af="apt-get --fix-broken install"
alias afs="apt-get --fix-broken install --simulate"
alias ai="apt-get install"
alias ais="apt-get install --simulate"
alias aib="apt-get install --target-release stretch-backports"
alias aibs="apt-get install --target-release stretch-backports --simulate"
alias ait="apt-get install --target-release testing"
alias aits="apt-get install --target-release testing --simulate"
alias aiu="apt-get install --target-release unstable"
alias aius="apt-get install --target-release unstable --simulate"
alias ap="apt-cache policy"
alias as="apt-cache search"
alias asrc="apt-get source"
alias aud="apt-get update"
alias aug="apt-get upgrade"
alias augs="apt-get upgrade --simulate"
alias augb="apt-get upgrade --target-release stretch-backports"
alias augbs="apt-get upgrade --target-release stretch-backports --simulate"
alias ga="git add"
alias gaa="git add --all"
alias gb="git branch"
alias gbd="git branch --delete"
alias gbdf="git branch --delete --force"
alias gbl="git branch --all --list --verbose --verbose"
alias gbu="git branch -u"
alias gc="git clone"
alias gcf="git clean -d --force"
alias gcm="git commit -m"
alias gcma="git commit --amend -m"
alias gcme="git commit --allow-empty --allow-empty-message -m"
alias gco="git checkout"
alias gcob="git checkout -b"
alias gcoo="git checkout --orphan"
alias gcp="git cherry-pick"
alias gcpa="git cherry-pick --abort"
alias gcpc="git cherry-pick --continue"
alias gcue="git config user.email"
alias gcun="git config user.name"
alias gd="git diff"
alias gdc="git diff --word-diff-regex=."
alias gdt="git difftool --dir-diff"
alias gf="git fetch --tags --verbose"
alias gfsnr="git fsck --no-progress --no-reflogs"
alias ggc="git reflog expire --expire=now --all; git gc --prune=now"
alias gi="git init"
alias gib="git init --bare"
alias gl="git log --abbrev-commit --all --decorate --graph --format=oneline"
alias gla="git log --all --decorate --graph \
--format=\"%C(auto)%h %C(red)%an%C(auto)%d %C(reset)%s\""
alias glm="git log --all --decorate --graph --format=medium"
alias gma="git merge --abort"
alias gmc="git merge --no-ff -m"
alias gmf="git merge --ff-only"
alias gms="git merge --squash"
alias gmt="git mergetool"
alias gp="git push --set-upstream --tags --verbose"
alias gpd="git push --delete origin"
alias grb="git rebase"
alias grba="git rebase --abort"
alias grbc="git rebase --continue"
alias grbi="git rebase --interactive"
alias grma="git remote add origin"
alias grmc="git rm --cached"
alias grms="git remote show origin"
alias grmu="git remote set-url origin"
alias grs="git reset"
alias grsh="git reset --hard"
alias grshd="git reset --hard dev"
alias grshm="git reset --hard master"
alias gs="git status --untracked-files"
alias gsc="git show"
alias gt="git tag"
alias gtd="git tag --delete"
alias rs="rsync --archive --progress --verbose"
alias rsn="rsync --archive --progress --verbose -n"
alias rsd="rsync --archive --progress --verbose --delete"
alias rsdn="rsync --archive --progress --verbose --delete -n"
alias tc="tar --numeric-owner --verbose --create --auto-compress --file"
alias tx="tar --numeric-owner --verbose --extract --file"

8
in/bash/index.rst Normal file
View file

@ -0,0 +1,8 @@
####
BASH
####
.. toctree::
configure
snippets

26
in/bash/snippets.rst Normal file
View file

@ -0,0 +1,26 @@
********
Snippets
********
Start a runnable script file
============================
.. code:: bash
#! /bin/bash
Find out current script
=======================
.. code:: bash
SCRIPT_FILE="$(realpath "${BASH_SOURCE[0]}")"
SCRIPT_DIRECTORY="$(dirname "${SCRIPT_FILE}")"
SCRIPT_NAME="$(basename "${SCRIPT_FILE}")"
Quit the interpreter
====================
.. code:: bash
exit

58
in/bind/index.rst Normal file
View file

@ -0,0 +1,58 @@
####
BIND
####
******
Domain
******
* /etc/bind/named.conf.local
::
zone "sub.domain.tld" {
type master;
file "/etc/bind/db.sub.domain.tld";
};
zone "3.2.1.in-addr.arpa" {
type master;
file "/etc/bind/db.3.2.1";
};
* /etc/bind/db.sub.domain.tld
::
$TTL 604800
@ IN SOA ns.sub.domain.tld. admin.sub.domain.tld. (
2 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ; Negative Cache TTL
)
@ IN NS ns.sub.domain.tld.
*.sub.domain.tld. IN A 1.2.3.78
ns IN A 1.2.3.12
server IN A 1.2.3.12
dl IN A 1.2.3.34
www IN A 1.2.3.56
*.www IN CNAME www
* /etc/bind/db.3.2.1
::
$TTL 604800
3.2.1.in-addr.arpa. IN SOA ns.sub.domain.tld. admin.sub.domain.tld. (
1 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ; Negative Cache TTL
)
3.2.1.in-addr.arpa. IN NS ns.sub.domain.tld.
12.3.2.1.in-addr.arpa. IN PTR server.sub.domain.tld.
34.3.2.1.in-addr.arpa. IN PTR dl.sub.domain.tld.
56.3.2.1.in-addr.arpa. IN PTR sub.domain.tld.

10
in/boot.rst Normal file
View file

@ -0,0 +1,10 @@
####
Boot
####
.. toctree::
:maxdepth: 2
systemd/index
linux/index
grub/index

3
in/certbot/index.rst Normal file
View file

@ -0,0 +1,3 @@
#######
CertBot
#######

8
in/code.rst Normal file
View file

@ -0,0 +1,8 @@
####
Code
####
.. toctree::
:maxdepth: 2
python3/index

1
in/conf.py Symbolic link
View file

@ -0,0 +1 @@
../conf.py

9
in/data.rst Normal file
View file

@ -0,0 +1,9 @@
####
Data
####
.. toctree::
:maxdepth: 2
sql/index
postgresql/index

10
in/debian/index.rst Normal file
View file

@ -0,0 +1,10 @@
######
Debian
######
.. toctree::
mirror
packages
repositories
system

57
in/debian/mirror.rst Normal file
View file

@ -0,0 +1,57 @@
******
Mirror
******
apt-mirror
==========
.. todo::
debmirror
=========
traditional
-----------
.. code:: shell
debmirror \
--source \
--method="http" \
--host="sous.domaine.tld" \
--root="chemin/ressource" \
--dist="stretch" \
--section="main" \
--keyring="/etc/apt/trusted.gpg" \
--arch="amd64" \
--check-gpg \
--checksums \
--diff="none" \
--postcleanup \
--progress \
--rsync-extra="none" \
--timeout=360000 \
--verbose \
"répertoire_miroirs/nom" \
debian only
-----------
.. code:: shell
--di-arch="arches" \
--di-dist="stretch" \
--i18n \
--keyring="/usr/share/keyrings/debian-archive-keyring.gpg" \
violations
----------
.. code:: shell
--no-source \
--method="https" \
--root="/" \
--ignore-missing-release \
--dist="nom,chemin/ressource" \
--section="autre,1.2/main" \

201
in/debian/packages.rst Normal file
View file

@ -0,0 +1,201 @@
********
Packages
********
Base
====
+-----------+
| locales |
| apt-utils |
| dialog |
+-----------+
System
======
+-------------------+
| linux-image-amd64 |
| systemd-sysv |
| live-boot |
+-------------------+
Drivers
=======
+------------------------+
| firmware-linux-nonfree |
| firmware-iwlwifi |
+------------------------+
Architecture
============
+----------------+
| clonezilla |
| debootstrap |
| gparted |
| squashfs-tools |
+----------------+
Desktop
=======
+------------+
| gnome |
| gnome-core |
+------------+
Commands
========
.. todo:: link
+--------------------------+
| [bash](../bash/index.md) |
| bash-completion |
+--------------------------+
Development
===========
+----------+
| kdevelop |
| nuitka |
| python3 |
+----------+
Documentation
=============
+--------------------------------+
| mkdocs |
| pandoc |
| python3-recommonmark |
| python3-sphinx |
| python3-sphinx-bootstrap-theme |
| python3-sphinx-rtd-theme |
+--------------------------------+
Hardware
========
+-----------+-------+
| dmidecode | |
| pciutils | lspci |
| usbutils | lsusb |
+-----------+-------+
Multimedia
==========
+----------------+
| audacity |
| ffmpeg |
| mkvtoolnix |
| subtitleeditor |
| vlc |
+----------------+
Domain names
============
+---------+
| bind9 |
| unbound |
+---------+
Processes
=========
+---------+
| htop |
| iotop |
| jnettop |
+---------+
Security
========
.. todo:: link
+----------------------------------------------+-----------------------------------------------+
| openssh-client | Utiliser un service de connexion sécurisée |
| [openssh-server](../openssh-server/index.md) | Héberger un service de connexion sécurisée |
| sudo | Changer de privilèges le temps d’une commande |
| tcplay | |
+----------------------------------------------+-----------------------------------------------+
Text
====
+------+
| nano |
| vim |
+------+
Versioning
==========
+--------+
| git |
| gitg |
| gource |
+--------+
Virtualization
==============
+---------------------+
| build-essential |
| dkms |
| linux-headers-amd64 |
| lxc |
| virt-manager |
+---------------------+
Web
===
+-------------+
| firefox |
| firefox-esr |
| wget |
+-------------+
To sort
=======
+--------------+
| apparmor |
| curl |
| iputils-ping |
| less |
| locate |
| man |
| ncdu |
| numlockx |
| qdirstat |
| syslog-ng |
| tree |
+--------------+
+--------------------------+
| firmware-linux-free |
| firmware-linux-nonfree |
| firmware-misc-nonfree |
| xserver-xorg-video-intel |
+--------------------------+
+---------------------+
| blender |
| deadbeef |
| filezilla |
| ghex |
| hexchat |
| libreoffice |
| mumble |
| texlive-lang-french |
| texlive-xetex |
| thunderbird |
+---------------------+

116
in/debian/repositories.rst Normal file
View file

@ -0,0 +1,116 @@
************
Repositories
************
Locations
=========
* http://deb.debian.org/debian
* http://ftp.fr.debian.org/debian
* http://ftp.us.debian.org/debian
* http://security.debian.org
Structure
=========
* ? changelogs
* ? DEP-11
* ? doc
* ? extrafiles
* ? indices
* dists
* ?
* dists
* oldstable
* oldstable-backports
* oldstable-updates
* stable
* stable-backports
* stable-updates
Files
=====
README
------
============================= ===================================================
oldoldstable, or wheezy the released Debian 7.11
oldstable, or jessie the released Debian 8.9
stable, or stretch the released Debian 9.2
oldoldstable-proposed-updates possible updates to Debian 7
oldstable-proposed-updates possible updates to Debian 8
stable-proposed-updates possible updates to Debian 9
wheezy-updates important updates to Debian 7
jessie-updates important updates to Debian 8
stretch-updates important updates to Debian 9
testing, or buster the development version of the next release
unstable, or sid untested candidate packages for future releases
experimental, or rc-buggy experimental packages to be used on top of unstable
============================= ===================================================
Release
-------
contrib main non-free
* ?/Contents-*
* ?/Contents-source
* ?/Contents-udeb-*
* ?/binary-all
* ?/binary-*
* ?/debian-installer/binary-all
* ?/debian-installer/binary-*
* ?/dep11/Components-*
* ?/dep11/icons
* ?/i18n
* main/installer-*
* ?/contrib/source
::
Origin: Debian
Label: Debian
Suite: stable
Version: 9.2
Codename: stretch
Changelogs: http://metadata.ftp-master.debian.org/changelogs/@CHANGEPATH@_changelog
Date: Sat, 07 Oct 2017 09:44:42 UTC
Acquire-By-Hash: yes
Architectures: amd64 arm64 armel armhf i386 mips mips64el mipsel ppc64el s390x
Components: main contrib non-free
Description: Debian 9.2 Released 07 October 2017
MD5Sum:
f9bbab6d94f45e56c672017d8720a24c 1181459 contrib/Contents-amd64
SHA256:
e3bf2ecc2ce89bc48e2339b86ceaba9e1fff7d6668eafab1445e7f7990c4802e 1181459 contrib/Contents-amd64
Packages
--------
::
Package: astrometry-data-2mass-00
Source: astrometry-data-2mass
Version: 1.1
Installed-Size: 13882041
Maintainer: Debian Astronomy Team <debian-astro-maintainers@lists.alioth.debian.org>
Architecture: all
Depends: astrometry.net, curl
Enhances: astrometry.net
Description: Astrometry.net 2MASS index files downloader (2'-2.8')
Homepage: http://data.astrometry.net/4200
Description-md5: b0effd246d35f7c4108f5a91527965cd
Section: contrib/science
Priority: optional
Filename: pool/contrib/a/astrometry-data-2mass/astrometry-data-2mass-00_1.1_all.deb
Size: 3204
MD5sum: 1a51ad538ca17d1113802820856dc4d5
SHA256: 36eafa5e9dbea55ecea5b2595f0d7c0a591e0831e20ac3ac98a239605074798a

327
in/debian/system.rst Normal file
View file

@ -0,0 +1,327 @@
******************************************
Debian GNU/Linux distribution installation
******************************************
.. todo::
* /etc/motd
::
Choices
=======
have up-to-date mirrors available
---------------------------------
.. todo::
choose critical base packages
-----------------------------
paquets proposés pour pouvoir travailler correctement
+-----------+--------------------------------------------------+
| locales | générer des locales binaires pour les messages |
| apt-utils | sinon la configuration des paquets est repoussée |
| dialog | sans quoi APT remonte des messages d’alerte |
+-----------+--------------------------------------------------+
decide the desired type of system
---------------------------------
* le système sera-t-il architecturé
* en 64 bits ?
* en 32 bits ?
* les 2 ?!
* le système sera-t-il exécuté
* sur une machine physique ?
* dans une machine virtuelle ?
* dans un conteneur ?
* dans un conteneur dans une machine virtuelle ?
* le système sera-t-il utilisé
* en écriture, sur un support de stockage ?
* en lecture, chargé en mémoire au démarrage ?
Install required tools
======================
|||
|||
| debootstrap | générer un système de fichiers de base minimal
| squashfs-tools | compresser ou décompresser une image de système
```bash
apt-get install "debootstrap squashfs-tools"
```
Create a base file hierarchy
============================
prepare the system's directory
------------------------------
* devenir root
* créer un répertoire, et s’y positionner
```bash
su
```
```bash
mkdir -p "chemin"
cd "chemin"
```
generate the minimal base
-------------------------
```bash
debootstrap \
--arch="amd64" \
--include="locales,apt-utils,dialog" \
--variant="minbase" \
"stretch" \
. \
"miroir"
```
Configure preinstalled packages
===============================
define default keyboard layouts
-------------------------------
* /etc/default/keyboard
```bash
XKBMODEL="pc105"
XKBLAYOUT="fr,fr"
XKBVARIANT="oss,bepo"
XKBOPTIONS=""
BACKSPACE="guess"
```
define default locales to generate
----------------------------------
* etc/default/locale
```
LANG=en_US.UTF-8
LANGUAGE=en_US
LC_CTYPE="fr_FR.UTF-8"
LC_NUMERIC="fr_FR.UTF-8"
LC_TIME="fr_FR.UTF-8"
LC_COLLATE="fr_FR.UTF-8"
LC_MONETARY="fr_FR.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="fr_FR.UTF-8"
LC_NAME="fr_FR.UTF-8"
LC_ADDRESS="fr_FR.UTF-8"
LC_TELEPHONE="fr_FR.UTF-8"
LC_MEASUREMENT="fr_FR.UTF-8"
LC_IDENTIFICATION="fr_FR.UTF-8"
```
* etc/locale.gen
```
en_US.UTF-8 UTF-8
fr_FR.UTF-8 UTF-8
```
[configure command shell](../bash/index.md)
-------------------------------------------
[configure package manager](../apt/index.md)
--------------------------------------------
redefine hostname
-----------------
```bash
echo "hostname" > "etc/hostname"
```
provide known file systems
--------------------------
* etc/fstab
Volume temporaire en RAM
```
tmpfs /tmp tmpfs auto,mode=1777 0 0
```
Install additional packages
===========================
switch into context
-------------------
```bash
mount --bind /proc proc
mount --bind /sys sys
chroot .
```
TODO ? /dev
generate locales
----------------
```bash
locale-gen
```
define root password
--------------------
```bash
passwd
```
user, guest, sudo
-----------------
```bash
apt-get install sudo
useradd -s /bin/bash user
mkdir /home/user
chown user: /home/user
adduser user sudo
useradd -s /bin/bash guest
chown guest: /home/guest
```
authentications: passwords, SSH keys
------------------------------------
TODO
upgrade system
--------------
* dans tous les cas :
```bash
apt-get update
apt-get upgrade
```
* si besoin, car des paquets rétroportés modifient la distribution :
```bash
apt-get dist-upgrade
```
apply system type elements
--------------------------
|||
|||
| linux-image-amd64 | s’il ne s’agit pas d’un conteneur
| live-boot | si à destination de boot live
| systemd-sysv | sans quoi le système ne démarrera pas complètement
```bash
apt-get install -t stretch-backports "linux-image-amd64"
apt-get install "live-boot"
```
----
initialization settings
-----------------------
```bash
apt-get install -t stretch-backports "systemd-sysv"
```
* etc/sysctl.conf
Espace mémoire maximum allouable (à augmenter si hébergement de conteneurs)
Pourcentage de RAM disponible avant utilisation de la partition d’échange
```ini
vm.max_map_count=1048576
vm.swappiness=0
```
keeping things light
--------------------
```bash
apt-get install --no-install-recommends …
```
install useful packages
-----------------------
```bash
apt-get install \
bash-completion \
lxc \
less nano vim \
pciutils usbutils \
python3 \
squashfs-tools \
```
```bash
apt-get install -t "stretch-backports" \
debootstrap \
```
install other packages
----------------------
[Choix de paquets commentés](packages.md)
```bash
apt-get install "package1" …
apt-get install -t stretch-backports "package1" …
```
properly switch back from context
---------------------------------
* vider le cache d’APT
```bash
apt-get clean
```
* s’extraire de l’environnement
```bash
exit
```
* démonter les liens au système hôte
```bash
umount sys
umount proc
```
clean up commands history
-------------------------
* root/.bash_history
Configure installed packages
============================
.. todo::
Archive prepared file system
============================
.. code:: shell
mksquashfs . "../name.squashfs" -comp "xz"

8
in/desktop.rst Normal file
View file

@ -0,0 +1,8 @@
#######
Desktop
#######
.. toctree::
:maxdepth: 2
gnome/index

7
in/ffmpeg/index.rst Normal file
View file

@ -0,0 +1,7 @@
######
FFMPEG
######
.. toctree::
snippets

10
in/ffmpeg/snippets.rst Normal file
View file

@ -0,0 +1,10 @@
********
Snippets
********
Change container
================
.. code:: bash
ffmpeg -i input.avi output.mkv

19
in/git/configure.rst Normal file
View file

@ -0,0 +1,19 @@
*********
Configure
*********
Identity
========
.. code:: shell
git config user.name "First Last"
git config user.email "user@domain.tld"
* ~/.gitconfig
.. code:: ini
[user]
name = "First Last"
email = "user@domain.tld"

8
in/git/index.rst Normal file
View file

@ -0,0 +1,8 @@
###
Git
###
.. toctree::
configure
snippets

13
in/git/snippets.rst Normal file
View file

@ -0,0 +1,13 @@
********
Snippets
********
TODO
====
* .gitignore
* aliases
* git diff
* cached (staging area)
* character

3
in/glassfish/certify.rst Normal file
View file

@ -0,0 +1,3 @@
*******************
Certify application
*******************

3
in/glassfish/configure.rst Normal file
View file

@ -0,0 +1,3 @@
*****************
Configure service
*****************

3
in/glassfish/deploy.rst Normal file
View file

@ -0,0 +1,3 @@
******************
Deploy application
******************

9
in/glassfish/index.rst Normal file
View file

@ -0,0 +1,9 @@
#########
GlassFish
#########
.. toctree::
configure
deploy
certify

54
in/gnome/configure.rst Normal file
View file

@ -0,0 +1,54 @@
*********
Configure
*********
General
=======
Settings
--------
* automatic date/time
* automatic timezone
Tweak tool
----------
* dark theme
dconf
-----
* backgrounds
* updates
Applications
============
Terminal (gnome-terminal)
-------------------------
* dark variant
* colors
* infinite scroll
Files (nautilus)
----------------
Settings
Text editor (gedit)
-------------------
Settings
Plugins:
* git
Keyboard shortcuts
------------------
Calculator
----------
Advanced mode

6
in/gnome/index.rst Normal file
View file

@ -0,0 +1,6 @@
#####
GNOME
#####
.. toctree::
configure

7
in/gource/index.rst Normal file
View file

@ -0,0 +1,7 @@
######
Gource
######
.. toctree::
render

18
in/gource/render.rst Normal file
View file

@ -0,0 +1,18 @@
******
Render
******
* TODO FFMPEG pipe
.. code:: bash
gource \
--date-format "%Y - %m - %d / %H : %M : %S" \
-f \
--highlight-dirs \
--highlight-users \
--key \
--output-framerate 60 \
--start-date "yyyy-mm-dd HH:MM:SS" \
--auto-skip-seconds 1 \
--seconds-per-day 10

208
in/gpg/index.rst Normal file
View file

@ -0,0 +1,208 @@
###
GPG
###
TODO
====
* setpref, or elsehow at key generation
* ! suffix to exclude subkeys
* trust
* sign
* delete
* ssh authentication ???
Configure
=========
wipe if needed
--------------
.. code:: shell
rm --force --recursive ~/.gnupg
mkdir -m 700 ~/.gnupg
check available algorithms
--------------------------
.. code:: shell
gpg --version
avoid default use of SHA256
---------------------------
* gpg.conf
::
cert-digest-algo SHA512
personal-digest-preferences SHA512
personal-cipher-preferences CAMELLIA256 TWOFISH AES256
personal-compress-preferences BZIP2 ZLIB ZIP
default-preference-list SHA512 CAMELLIA256 TWOFISH AES256 BZIP2 ZLIB ZIP
keyserver-options include-revoked
with-subkey-fingerprint
avoid DL/UL issues, depending on DNS
------------------------------------
* dirmngr.conf
::
standard-resolver
Also if up:
.. code:: shell
gpgconf --kill gpg-agent
killall dirmngr
Generate
========
master key
----------
.. code:: shell
gpg --full-generate-key
::
1 → RSA and RSA
4096
0 → key does not expire
y → this is correct
First Last
user@domain.tld
Comment
o → ok
PassPhrase
revocation certificate
----------------------
.. code:: shell
gpg --generate-revocation "KeyID" > "FFIINNGGEERRPPRRIINNTT.rev"
.. warning::
Hide this file in an encrypted container!
Search
======
.. code:: shell
gpg --search-keys "Key ID"
Download
========
.. code:: shell
gpg --receive-keys "KEY ID"
List
====
.. code:: shell
gpg --list-keys
Modify
======
.. code:: shell
gpg --edit-key "KEY ID"
[…]
::
PassPhrase
save
add a subkey to a master key
----------------------------
::
addkey
set expiration date
-------------------
::
expire
add another UserID
------------------
::
adduid
First Last
user@domain.tld
Comment
set primary UserID
------------------
::
uid 1
primary
Export
======
.. code:: shell
gpg --armor --export "Key ID" > pub.asc
Dump
====
.. code:: shell
pgpdump pub.asc
Secure
======
find out master keygrip
-----------------------
.. code:: shell
gpg --list-keys --with-keygrip
hide the master key in an encrypted container
---------------------------------------------
* ~/.gnupg/private-keys-v1.d/KKEEYYGGRRIIPP.key
Upload
======
.. code:: shell
gpg --send-keys "KEY ID"
Revoke
======
.. code:: shell
gpg --import "FFIINNGGEERRPPRRIINNTT.rev"
gpg --send-keys "KEY ID"

7
in/grub/index.rst Normal file
View file

@ -0,0 +1,7 @@
GRUB
====
.. toctree::
modules
standalone

87
in/grub/modules.rst Normal file
View file

@ -0,0 +1,87 @@
.. _grub_modules:
*******
Modules
*******
===== ==========================
date display/set date/time
echo display message
eval expression evaluation
help commands and args
sleep escape interruptible pause
test if then else fi
true true/false nop commands
===== ==========================
=========== ============================================
at_keyboard keyboard layouts handling for terminal_input
keylayouts change keyboard layout
keystatus test alt/ctrl/shift keys
read variable until enter
=========== ============================================
====== ========
halt shutdown
reboot restart
====== ========
========= =========================================
biosdisk disks detection via bios
cpuid check if cpu can handle 64 bit and/or PAE
lspci list pci devices
videoinfo list video modes
========= =========================================
========== ======================================
part_gpt guid partition table partitions scheme
part_msdos master boot record partitions scheme
========== ======================================
=========== ================================================
btrfs | better file system
exfat | ms extended file allocation table file system
ext2 | linux file systems
fat | ms file allocation table file system
hfs | apple file system
hfspluscomp | apple extended file system with compression
iso9660 | older optical disk file system
ntfscomp | ms new technology file system with compression
tar | tar archive format handling
| (for embedded fonts,locales,etc.)
udf | optical disk file system
=========== ================================================
====== =====================================
search set root according to uuid/label/file
====== =====================================
=========== ===================================
cat display file content
configfile load different menu/script file
gcry_crc crc hash algorithm
gcry_md5 md5 hash algorithm
gcry_sha1 sha1 hash algorithm
gcry_sha256 sha256 hash algorithm
gcry_sha512 sha512 hash algorithm
hashsum hash file, needs gcry_ modules
loadenv load and save menu environment file
testspeed file loading benchmark
=========== ===================================
======== =================================
loopback turn a file into a virtual device
memdisk ram disk
======== =================================
===== =========================
linux kernel & initial ram disk
===== =========================
================== ===========================
gfxterm_background | color/image
| triggers graphic terminal
jpeg | jpeg image format
png | png image format
tga | tga image format
================== ===========================

315
in/grub/standalone.rst Normal file
View file

@ -0,0 +1,315 @@
************************
Prepare a boot directory
************************
Choose useful modules
=====================
Commented list: :ref:`grub_modules`
Download packages
=================
current
-------
================== ===================================
grub2-common fichiers v2 communs
grub-common fichiers v2 et v1 communs
grub-efi-amd64 architecture EFI avec installation
grub-efi-amd64-bin architecture EFI sans installation
grub-pc architecture BIOS avec installation
grub-pc-bin architecture BIOS avec installation
================== ===================================
legacy
------
=========== ============
grub-efi transitional
grub-legacy maintenance
=========== ============
Put up a functional directory
=============================
boot/grub/grub.cfg
.. code:: shell
search --set --fs-uuid "YYYY-MM-DD-hh-mm-ss-cc"
Or at worst:
.. code:: shell
search --set --label "LA_BEL"
Generate a modular image
========================
/bin/tar
.. code:: shell
tar
--create
--dereference
--file='grub.tar'
--verbose
boot
* moddep.lst
* kernel.img
* lzma_decompress.img
* diskboot.img
* *.mod
/usr/bin/grub-mkimage
.. code:: shell
grub-mkimage
--directory='i386-pc'
--format='i386-pc'
--memdisk='grub.tar'
--output='i386-pc/core.img'
modules…
i386-pc-eltorito for ISO encapsulation
Make a device bootable
======================
* boot.img
* core.img
/usr/sbin/grub-bios-setup
.. code:: shell
grub-bios-setup \
--directory="i386-pc" \
/dev/sd?
Prepare a boot menu
===================
available colors
----------------
========= ============= =========== ==========
black blue green cyan
red magenta brown light-gray
dark-gray light-blue light-green light-cyan
light-red light-magenta yellow white
========= ============= =========== ==========
* black backgrounds are actually transparent!
available environment variables
-------------------------------
==================== =============================
chosen 4
color_highlight black/light-gray
color_normal light-gray/black
default "${id}"
gfxmode 1024x768
gfxpayload keep
gfxterm_font unicode
lang en_US
locale_dir
menu_color_highlight white/blue
menu_color_normal cyan/blue
pager 1
prefix (hd?,msdos?)/live/boot/2.02-2
root hd?,msdos?
theme …/.txt
timeout -1
==================== =============================
======= =====
cmdpath (hd?)
======= =====
persistent environment variables file
-------------------------------------
* /usr/bin/grub-editenv
.. code:: shell
grub-editenv file create
grub-editenv file set variable=value
grub-editenv file unset variable
boot a prepared system
----------------------
.. warning::
Violent kernel crashes are to be expected if:
1. the live-media-path has no .squashfs file
#. the image basename:
* doesn't end with .squashfs
* is just .squashfs
* contains ,
----
* /live/name.squashfs
.. code:: shell
linux /live/subdir/vmlinuz boot="live" toram="subdir/name.squashfs"
initrd /live/subdir/initrd.img
.. code:: shell
loopback loop /live/dir/name.squashfs
linux (loop)/vmlinuz boot="live" toram="dir/name.squashfs"
initrd (loop)/initrd.img
* Debian installed
.. code:: shell
unset path
uuid="????????-????-????-????-????????????"
search --set="path" --fs-uuid "${uuid}"
if [ "${path}" ]; then
path="(${path})"
linux "${path}/vmlinuz" \
elevator=deadline \
root=UUID=${uuid}
initrd "${path}/initrd.img"
fi
* Debian Installer
.. code:: shell
linux "/path/to/vmlinuz" priority="low"
.. code:: shell
linux "/path/to/vmlinuz" auto="true" \
file="/hd-media/path/to/preseed"
----
.. code:: shell
initrd /path/to/gtk/initrd.gz
----
* iso-scan's first pass goes only 1 subdirectories level down!
.. todo::
Test if iso-scan/filename really works
.. code:: shell
iso-scan/ask_second_pass="true" iso-scan/filename="/path/to/file.iso"
* Debian Live
.. code:: shell
file="/path/to.iso"
loopback loop "${file}"
path="(loop)/live"
linux "${path}/vmlinuz" boot="live" findiso="${file}" components
initrd "${path}/initrd.img"
* PartedMagic
.. code:: shell
file="/path/to.iso"
loopback loop ${file}
path="(loop)/pmagic"
linux "${path}/bzImage64" iso_filename="${file}" load_ramdisk=1
initrd "${path}/initrd.img" "${path}/fu.img" "${path}/m64.img"
* Windows
.. code:: shell
menuentry "Windows" {
drivemap -s (hd0) (hd1)
chainloader (hd0,msdos2)+1
}
* CloneZilla
.. code:: shell
file="/path/to/file.iso"
loopback loop "${file}"
path="(loop)/live"
linux "${path}/vmlinuz" findiso="${file}" \
boot="live" union="overlay" \
username="user" config components \
toram="filesystem.squashfs" ip="" \
locales="en_US.UTF-8" keyboard-layouts="fr-latin9" \
----
.. code:: shell
ocs_live_batch="yes" \
ocs_prerun="mount /dev/disk/by-uuid/${cz_home} /mnt" \
ocs_prerun1="mount --bind /mnt/${cz_partimag} /home/partimag" \
ocs_live_run="ocs-live-restore" \
.. code:: shell
ocs_live_extra_param="\
-e1 auto -e2 -t -r -j2 -cs -k \
-p reboot restoreparts ask_user ${cz_target}"
.. code:: shell
ocs_live_extra_param="\
-q2 -j2 -rm-win-swap-hib -gs -z1p -i 1000000 -fsck-y \
-p reboot saveparts ask_user ${cz_target}"
----
.. code:: shell
ocs_live_batch="no" \
ocs_live_run="ocs-live-general" \
----
.. code:: shell
initrd "${path}/initrd.img"
* ISO
.. code:: shell
xorrisofs \
\
-output live-grub.iso \
\
-volid "LIVE_GRUB" \
-boot-info-table \
-no-emul-boot \
--modification-date="YYYYMMDDhhmmsscc" \
-eltorito-boot live/boot/grub/2.02-2/i386-pc/core.img \
-eltorito-catalog "boot.cat" \
--boot-catalog-hide \
\
-exclude live/sources \
-exclude live/boot/debian.squashfs/debootstrap \
-exclude live/boot/debian.squashfs/live \
-root "live" \
"live"

12
in/hosts/index.rst Normal file
View file

@ -0,0 +1,12 @@
*****
Hosts
*****
LocalHost
=========
::
::1 localhost
127.0.0.1 localhost

7
in/imagemagick/index.rst Normal file
View file

@ -0,0 +1,7 @@
###########
ImageMagick
###########
.. toctree::
snippets

3
in/imagemagick/snippets.rst Normal file
View file

@ -0,0 +1,3 @@
********
Snippets
********

28
in/index.rst Normal file
View file

@ -0,0 +1,28 @@
RTFD
====
.. toctree::
:maxdepth: 4
:numbered: 2
_toctree/index
.. toctree::
tasks
.. toctree::
:maxdepth: 3
:numbered: 2
archive
script
network
data
code
boot
virtualization
desktop
media
privacy

27
in/isc-dhcp-server/index.rst Normal file
View file

@ -0,0 +1,27 @@
###############
ISC-DHCP-server
###############
*************
Configuration
*************
* /etc/dhcp/dhcpd.conf
::
option domain-name "sub.domain.tld";
option domain-name-servers 1.2.3.200;
default-lease-time 600;
max-lease-time 7200;
authoritative;
subnet 1.2.3.0 netmask 255.255.255.0 {
range 1.2.3.123 1.2.3.128;
}
host name {
hardware ethernet 01:23:45:67:89:ab;
fixed-address 1.2.3.4;
}

11
in/libreoffice/convert.rst Normal file
View file

@ -0,0 +1,11 @@
*******
Convert
*******
.. code::
libreoffice \
--headless \
--convert-to "png" \
--outdir "chemin/fichier.png" \
input_file.o??

7
in/libreoffice/index.rst Normal file
View file

@ -0,0 +1,7 @@
###########
LibreOffice
###########
.. toctree::
convert

3
in/linux/arguments.rst Normal file
View file

@ -0,0 +1,3 @@
*********
Arguments
*********

8
in/linux/index.rst Normal file
View file

@ -0,0 +1,8 @@
#####
Linux
#####
.. toctree::
arguments
modules

3
in/linux/modules.rst Normal file
View file

@ -0,0 +1,3 @@
*******
Modules
*******

170
in/lxc/container.rst Normal file
View file

@ -0,0 +1,170 @@
*********
Container
*********
TODO
====
* look for creation through debootstrap
Create
======
.. code:: shell
lxc-create \
--name="container_name" \
--template="debian" \
-- \
--release="stretch" \
--mirror="file:/mirrors/debian/debian-stretch" \
--security-mirror="file:/mirrors/debian/debian-stretch-security" \
Configure
=========
In containers/directory/container_name :
* config
.. code:: ini
lxc.include = /usr/share/lxc/config/debian.common.conf
lxc.arch = amd64
lxc.autodev = 1
lxc.kmsg = 0
lxc.mount = /var/lib/lxc/container_name/fstab
lxc.rootfs = /var/lib/lxc/container_name/rootfs
lxc.rootfs.backend = dir
lxc.start.auto = 1
lxc.utsname = hostname
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
lxc.network.veth.pair = container_name
lxc.network.hwaddr = virtual_mac_address
Static addresses variant:
.. code:: ini
lxc.network.ipv4 = container_ip4/network_mask_bits
lxc.network.ipv6 = container_ip6
* fstab
.. warning::
| Do not forget to create the data directories
| otherwise the container start process will fail!
::
data/directory/container_name data none bind,create=dir
/mirrors mirrors none bind,create=dir
* rootfs/
* TODO Debian configuration
* rootfs/etc/network/interfaces.d/eth0
if the container uses DHCP:
::
auto eth0
iface eth0 inet dhcp
Start
=====
.. warning::
| Be patient, for it can take a container
| up to 1 minute to get its network stack up!
.. code:: shell
lxc-start -n "container_name"
.. code:: shell
lxc-start --name="container_name"
Run command
===========
.. code:: shell
lxc-attach -n "container_name" -- command
.. code:: shell
lxc-attach --name="container_name" -- command
Stop
====
.. code:: shell
lxc-stop -n "container_name"
.. code:: shell
lxc-stop --name="container_name"
Backup
======
system
------
.. code:: shell
cd containers/directory
tar --numeric-owner -cvaf container_name.backup_name.txz container_name
data
----
.. code:: shell
cd data/directory
tar --numeric-owner -cvaf container_name.backup_name.txz container_name
Destroy
=======
.. code:: shell
lxc-destroy -n "container_name"
.. code:: shell
lxc-destroy --name="container_name"
Restore
=======
system
------
.. code:: shell
cd containers/directory
rm --recursive container_name
tar --numeric-owner -xvf container_name.backup_name.txz
data
----
.. code:: shell
cd data/directory
rm --recursive container_name
tar --numeric-owner -xvf container_name.backup_name.txz

78
in/lxc/host.rst Normal file
View file

@ -0,0 +1,78 @@
****
Host
****
Check
=====
.. code:: shell
lxc-checkconfig
List
====
.. code:: shell
lxc-ls -f
.. code:: shell
lxc-ls --fancy
Network bridge
==============
Create bridge br0 onto host's network interface eth0:
* /etc/network/interfaces.d/eth0
::
auto br0
iface br0 inet static
address host_ip/network_mask_bits
gateway gateway_ip
bridge_fd 0
bridge_maxwait 0
bridge_ports eth0
bridge_stp on
Service
=======
Default configuration for new containers:
* /etc/lxc/default.conf
.. code:: ini
lxc.include = /usr/share/lxc/config/debian.common.conf
lxc.arch = amd64
lxc.autodev = 1
lxc.kmsg = 0
lxc.rootfs.backend = dir
lxc.start.auto = 1
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
Directories
===========
* 1 for the containers
* 1 for their data
.. code:: shell
mkdir --parents "containers/directory"
rmdir "/var/lib/lxc"
ln --symbolic "containers/directory" "/var/lib/lxc"
.. code:: shell
mkdir --parents "data/directory"

27
in/lxc/index.rst Normal file
View file

@ -0,0 +1,27 @@
###
LXC
###
.. toctree::
host
container
***
ESX
***
.. warning::
| If the host is part of an ESX virtual network architecture,
| make sure to configure its virtual switch to avoid packet drops.
* Edit Settings / Policies / Security
=================== ======
Key Value
=================== ======
Promiscuous Mode Accept
MAC Address Changes Accept
Forged Transmits Accept
=================== ======

7
in/markdown/index.rst Normal file
View file

@ -0,0 +1,7 @@
########
MarkDown
########
.. toctree::
syntax

52
in/markdown/syntax.rst Normal file
View file

@ -0,0 +1,52 @@
******
Syntax
******
Titles
======
::
# title 1
## title 2
### title 3
#### title 4
##### title 5
###### title 6
Lists
=====
::
* element 1
* element 2
* element 2.1
* element 2.2
* element 2.2.1
* element 2.2.2
Blocks
======
::
```language
multi
line
message
```
Links
=====
::
[link_caption](link_address)
Images
======
::
![alternative_text](image_address)

10
in/media.rst Normal file
View file

@ -0,0 +1,10 @@
#####
Media
#####
.. toctree::
:maxdepth: 2
imagemagick/index
ffmpeg/index
mkvtoolnix/index

3
in/mkvtoolnix/index.rst Normal file
View file

@ -0,0 +1,3 @@
##########
MKVtoolnix
##########

9
in/network.rst Normal file
View file

@ -0,0 +1,9 @@
Network
=======
.. toctree::
:maxdepth: 2
bind/index
hosts/index
isc-dhcp-server/index

77
in/nginx/configure.rst Normal file
View file

@ -0,0 +1,77 @@
*********
Configure
*********
* /etc/nginx/nginx.conf
.. code::
pid /run/nginx.pid;
user user;
worker_processes auto;
events {
multi_accept off;
worker_connections 512;
}
http {
# General
keepalive_timeout 60;
sendfile on;
server_tokens off;
tcp_nopush on;
tcp_nodelay on;
types_hash_max_size 2048;
# Names
server_name_in_redirect off;
server_names_hash_bucket_size 128;
# File types
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Security
ssl_buffer_size 8k;
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,ECDHE-ECDSA-AES256-SHA,DHE-DSS-AES256-GCM-SHA384,DHE-RSA-AES256-GCM-SHA384,DHE-RSA-AES256-SHA256,DHE-DSS-AES256-SHA256,DHE-RSA-AES256-SHA,DHE-DSS-AES256-SHA";
ssl_dhparam /etc/nginx/dhparam;
ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.2;
ssl_session_cache shared:ssl_session_cache:16m;
ssl_session_timeout 15m;
# Log
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
# Compression
gzip on;
gzip_buffers 32 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_proxied any;
gzip_types *;
gzip_vary off;
# Misc
add_header Strict-Transport-Security max-age=31557600;
client_max_body_size 16m;
index index.html;
proxy_pass_request_body on;
proxy_pass_request_headers on;
proxy_redirect off;
# Includes
include /etc/nginx/sites-enabled/*;
}

8
in/nginx/index.rst Normal file
View file

@ -0,0 +1,8 @@
#####
NginX
#####
.. toctree::
configure
serve

37
in/nginx/serve.rst Normal file
View file

@ -0,0 +1,37 @@
*****
Serve
*****
* /etc/nginx/sites-available/…
.. code::
server {
listen 80;
server_name _;
location "/mirrors" {
root "/";
autoindex on;
}
location "/" {
root "/data/http";
autoindex on;
}
}
server {
listen 443 ssl http2;
server_name "sous.domaine.tld";
ssl_certificate "/etc/nginx/certificates/nom.crt";
ssl_certificate_key "/etc/nginx/certificates/nom.key";
location "/static" {
root "/data/https";
default_type "text/html";
index "index.html";
}
location "/" {
proxy_pass "http://127.0.0.1:8069";
proxy_redirect off;
proxy_set_header Host $host;
}
}

3
in/nodejs/index.rst Normal file
View file

@ -0,0 +1,3 @@
######
NodeJS
######

23
in/openssh-client/index.rst Normal file
View file

@ -0,0 +1,23 @@
##############
OpenSSH client
##############
*********
Configure
*********
* /etc/ssh/ssh_config
::
TODO
**********
Create key
**********
* ~/.ssh/id_rsa*
.. code:: shell
ssh-keygen -b 4096

78
in/openssh-server/index.rst Normal file
View file

@ -0,0 +1,78 @@
##############
OpenSSH server
##############
*********
Configure
*********
* /etc/ssh/moduli
Generate usable prime numbers pool.
.. warning::
These are **VERY** long operations!
.. code:: shell
ssh-keygen -b 4096 -G 4096.G
ssh-keygen -f 4096.G -T moduli
* /etc/ssh/ssh_host_*_key
types: rsa/ed25519/…?
.. code:: shell
ssh-keygen -b 4096 -f /etc/ssh/ssh_host_rsa_key
* /etc/ssh/sshd_config
::
# daemon
AllowTcpForwarding yes
ClientAliveInterval 30
Compression no
HostKey /etc/ssh/ssh_host_rsa_key
IgnoreRhosts yes
LogLevel INFO
MaxStartups 16:32:64
PermitTunnel no
Port 22
Protocol 2
Subsystem sftp internal-sftp
TCPKeepAlive yes
UseDNS no
UseLogin no
UsePAM yes
X11Forwarding no
# authentication
AuthorizedKeysFile .ssh/authorized_keys
ChallengeResponseAuthentication no
Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes256-ctr
HostbasedAuthentication no
KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
LoginGraceTime 60
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256
PasswordAuthentication no
PermitEmptyPasswords no
PermitRootLogin without-password
PubkeyAuthentication yes
StrictModes yes
UsePrivilegeSeparation sandbox
# prompt
Banner none
DebianBanner no
PrintLastLog yes
PrintMotd no
VersionAddendum none
* authorized_keys
::
TODO

151
in/openssl/index.rst Normal file
View file

@ -0,0 +1,151 @@
#######
OpenSSL
#######
Generate private key
====================
.. code:: shell
openssl \
genrsa \
-out "private_key.pem" \
4096 \
Human readable:
.. code:: shell
openssl \
rsa \
-in "private_key.pem" \
-noout \
-text \
Generate a certificate request
==============================
* generate a private key
* using . for empty fields, generate the request with:
* Country Name (2 letter code)
* State or Province Name (full name)
* Locality Name (eg, city)
* Organization Name (eg, company)
* Organizational Unit Name (eg, section)
* Common Name (e.g. server FQDN or YOUR name)
* Email Address
* A challenge password
* An optional company name
.. code:: shell
echo -n "\
US
Region / County (code)
City / Place
Group / Management / Unit
Section
certificate_name
alias@domain.tld
.
.
" \
| \
openssl \
req \
-new \
-key "private_key.pem" \
-out "certificate_request.csr" \
-utf8 \
Human readable:
.. code:: shell
openssl \
req \
-in "certificate_request.csr" \
-noout \
-text \
Create a Certification Authority
================================
init
----
.. code:: shell
rm --force --recursive "demoCA"
mkdir --parents "demoCA/newcerts"
echo -n "" > "demoCA/index.txt"
echo "00" > "demoCA/serial"
request
-------
.. code:: shell
echo -n "\
US
Region / County (code)
City / Place
Decreasing / Hierarchy
Name
Name
alias@domain.tld
.
.
" \
| \
openssl \
req \
-new \
-key "name.pem" \
-out "name.csr" \
-utf8 \
signature
---------
.. code:: shell
openssl \
ca \
-selfsign \
-in "name.csr" \
-keyfile "name.pem" \
-notext \
-out "name.crt" \
-startdate 20160801000000Z \
-enddate 20180801000000Z \
-batch \
-extensions "v3_ca" \
----
quick & dirty variant
---------------------
.. code:: shell
openssl \
ca \
-selfsign \
-keyfile "private_key.pem" \
Sign request
============
.. code:: shell
openssl \
req \
-in "certificate_request.csr" \
-key "private_key.pem" \
-x509 \
-set_serial 0 \
-days 730 \
-out "certificate.crt" \

42
in/pandoc/build.rst Normal file
View file

@ -0,0 +1,42 @@
*****
Build
*****
Formats
=======
Documents
---------
* html5
* odt
* docx
* latex (--latex-engine="xelatex")
Presentations
-------------
* beamer
* dzslides
* revealjs
* s5
* slideous
* slidy
Generation
==========
.. code:: shell
pandoc \
--data-dir="directory/path" \
--from="markdown" \
"input_file" \
--to="html5" \
--output="output_file" \
--standalone \
--number-sections \
--toc \
--toc-depth=3 \
--template="template_name" \
--css="style/relative/path"

7
in/pandoc/index.rst Normal file
View file

@ -0,0 +1,7 @@
######
PanDoc
######
.. toctree::
build

3
in/pdftk/index.rst Normal file
View file

@ -0,0 +1,3 @@
#####
PDFtk
#####

3
in/postgresql/configure.rst Normal file
View file

@ -0,0 +1,3 @@
*****************
Configure service
*****************

3
in/postgresql/create.rst Normal file
View file

@ -0,0 +1,3 @@
***************
Create database
***************

7
in/postgresql/index.rst Normal file
View file

@ -0,0 +1,7 @@
##########
PostGreSQL
##########
.. toctree::
configure
create

9
in/privacy.rst Normal file
View file

@ -0,0 +1,9 @@
Privacy
=======
.. toctree::
:maxdepth: 2
certbot/index
tcplay/index
gpg/index

8
in/python3/index.rst Normal file
View file

@ -0,0 +1,8 @@
#######
Python3
#######
.. toctree::
syntax
snippets

21
in/python3/snippets.rst Normal file
View file

@ -0,0 +1,21 @@
********
Snippets
********
Répertoires
===========
Détruire
--------
.. code:: python3
import shutil
shutil.rmtree(path)
Web
===
.. code:: python3
requests.get(url).content.decode(charset)

20
in/python3/syntax.rst Normal file
View file

@ -0,0 +1,20 @@
******
Syntax
******
Imports
=======
.. code:: python3
import module
module.py → module/__init__.py
------------------------------
* __init__.py
first/module.py → second/module.py
----------------------------------
* first

BIN
in/restructuredtext/image.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 8.5 KiB

8
in/restructuredtext/index.rst Normal file
View file

@ -0,0 +1,8 @@
################
ReStructuredText
################
.. toctree::
tree
syntax

78
in/restructuredtext/syntax.rst Normal file
View file

@ -0,0 +1,78 @@
******
Syntax
******
Sections
========
.. code:: restructuredtext
####
Part
####
*******
Chapter
*******
Section
=======
SubSection
----------
SubSubSection
^^^^^^^^^^^^^
Paragraph
"""""""""
ToSort
======
.. code:: restructuredtext
.. raw:: html
<div></div>
* *1 star*
* **2 stars**
* ``2 backquotes``
After this comma,
| output new line
.. comment
..
multiline
comment
.. image:: image.png
Indent 0
Indent 1 which
continues here.
Indent 2
* item
* subitem
* item
#. first
#. second
----
.. epigraph::
No matter where you go, there you are.
-- Buckaroo Banzai

7
in/restructuredtext/tree.rst Normal file
View file

@ -0,0 +1,7 @@
****
Tree
****
.. code::
index

7
in/rsync/index.rst Normal file
View file

@ -0,0 +1,7 @@
#####
Rsync
#####
.. toctree::
snippets

17
in/rsync/snippets.rst Normal file
View file

@ -0,0 +1,17 @@
********
Snippets
********
Simulate sync with deletion
===========================
.. code:: bash
rsync \
--archive \
--no-whole-file \
--progress \
--verbose \
--delete --dry-run
"/local/directory/" \
"user@host:/remote/directory/"

9
in/script.rst Normal file
View file

@ -0,0 +1,9 @@
######
Script
######
.. toctree::
:maxdepth: 2
bash/index
rsync/index

3
in/sphinx/build.rst Normal file
View file

@ -0,0 +1,3 @@
*******************
Build documentation
*******************

13
in/sphinx/configure.rst Normal file
View file

@ -0,0 +1,13 @@
***********************
Configure documentation
***********************
MarkDown
========
.. code:: python3
source_parsers = {
'.md': 'recommonmark.parser.CommonMarkParser',
}
source_suffix = ['.rst', '.md']

3
in/sphinx/create.rst Normal file
View file

@ -0,0 +1,3 @@
********************
Create documentation
********************

10
in/sphinx/index.rst Normal file
View file

@ -0,0 +1,10 @@
######
Sphinx
######
.. toctree::
install
configure
create
build

9
in/sphinx/install.rst Normal file
View file

@ -0,0 +1,9 @@
*******
Install
*******
.. code:: shell
python3-sphinx
python3-sphinx-rtd-theme
python3-recommonmark

8
in/sql/index.rst Normal file
View file

@ -0,0 +1,8 @@
###
SQL
###
.. toctree::
syntax
snippets

3
in/sql/snippets.rst Normal file
View file

@ -0,0 +1,3 @@
********
Snippets
********

3
in/sql/syntax.rst Normal file
View file

@ -0,0 +1,3 @@
******
Syntax
******

3
in/squashfs-tools/index.rst Normal file
View file

@ -0,0 +1,3 @@
##############
SquashFS-tools
##############

8
in/systemd/index.rst Normal file
View file

@ -0,0 +1,8 @@
#######
SystemD
#######
.. toctree::
system
journal

3
in/systemd/journal.rst Normal file
View file

@ -0,0 +1,3 @@
***************
Control journal
***************

Some files were not shown because too many files have changed in this diff Show more